CVE-2019-9778 — Out-of-bounds Read in Libredwg

Severity

7.5HIGHNVD

EPSS

1.8%

top 17.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 14

Latest updateMay 13

Description

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

▶NVDgnu/libredwg0.7, 0.7.1645+1

GHSA

GHSA-2r97-c5fx-x5hg: An issue was discovered in GNU LibreDWG 0↗2022-05-13

▶

CVEList

CVE-2019-9778: An issue was discovered in GNU LibreDWG 0↗2019-03-14

▶